This policy was updated on January 18, 2022.
The tools through which the personal data of the Users are collected and processed are the following websites used by the Italian and foreign legal entities belonging to the CC LLP Network:
• CC LLP: www.colellaconsulting.com
• AE MORGAN LTD (UK): https://www.aemorgan.net
• MORGAN CORPORATE LTD (UK): https://www.morgancorporate.com (hereinafter, collectively, “the CC LLP Websites”).
The CC LLP Websites are created through an IT tool (called Adobe Experience Manager) belonging to foreign entities of the CC LLP Network; this tool is made available to the Italian legal entities (as well as other countries / territories) of the Network for the generation of CC LLP websites dedicated exclusively to the activities carried out by the local legal entities.
The CC LLP websites are managed by companies external to the group, with technical skills, have administrative access, for the sole purpose of solving problems of a technological nature.
By using the CC LLP websites, the interested party acknowledges having read and understood the content of the information.
As described in the Information and in the CC LLP Websites, the personal data of the Data Subjects may be processed by one or more of the Italian legal entities of the CC LLP Network indicated below as “Joint Controllers”, having concluded an agreement dealing with the management and of the update of the CC LLP Websites. Furthermore, in limited cases indicated below in the Information (for example: the need for maintenance work on the CC LLP Websites), User data could also be viewed by foreign entities that are members of the CC LLP Network. All legal entities belonging to the CC LLP Network are legally independent of each other.
In the event that, by browsing the CC LLP websites, the interested party accesses other sites of foreign legal entities CC LLP other than those indicated as Joint Controllers in the Information, the User’s personal data will be processed according to the terms of the information provided by the other legal entities which, in turn, will become autonomous owners. Consequently, the information contained in this Notice will not apply.
Responsible for the protection of personal data / Data Protection Officer.
For any report concerning the processing of the personal data of the interested party and for the exercise of the rights indicated in Chapter III, Section I, GDPR, it is possible to contact the Data Protection Officer of the co-owner Colella Consulting di Colella Ettore & C. Sas through the following references:
Office of the Data Protection Officer
1. Tel. (02) 36537 786
Fax (02) 700 502 291
Legal basis for the processing of personal data
The legal basis applied by the Joint Controllers to process any personal data released spontaneously by the Data Subjects in the context of the navigation of the CC LLP websites is the legitimate interest (article 6, paragraph 1, letter f), GDPR) pursued by the Italian legal entities of the Network CC LLP to promote its initiatives and commercial activities aimed at any person who may decide to enter into a business relationship with one or more of the legal entities belonging to the CC LLP Network. If the User, while browsing the CC LLP websites, reaches web pages through which specific and further processing is carried out (for example, registration to an event for marketing purposes promoted by CC LLP), the legal basis will be indicated in the specific reference information prepared for this activity.
Use of personal data
By simply browsing the CC LLP Websites, no personal data is acquired or used. The personal information collected through the CC LLP Websites is only that which may be released by the User within specific sections of the CC LLP Websites (for example, the “Contact us” section); such data may be used to respond to requests made directly by the interested parties through the communication channels available on the CC LLP Websites. The data may also be used for further purposes relating to processing carried out by the Joint Controllers in relation to specific activities carried out by CC LLP and managed through specific sections of the CC LLP websites containing the relevant information pursuant to Article 13, GDPR (for example, initiatives with marketing purposes promoted by the Joint Controllers). In no case will the data collected through the CC LLP Websites be sold or transferred to third-party companies for marketing or other purposes. Categories of personal data processed When the interested party accesses the CC LLP Websites, information may be collected regarding the ways in which the same uses the CC LLP Websites in which he is browsing through cookies and analysis tools. This information is acquired in anonymized form (for more details see the Cookie information section). The personal data that CC LLP needs to collect and process through the CC LLP Websites are of a common-identifying type, such as name and surname, email address, telephone number, company role / company belonging as they are directly provided by the ‘User. CC LLP does not need to collect personal data of a “particular” nature as defined by article 9, GDPR (for example, data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, trade union membership, data relating to health) or “criminal” as defined by article 10, GDPR through the CC LLP Websites, unless there is a legal obligation to do so. If such information is provided but is not necessary, the Joint Controllers will delete it. It should be noted that the processing of the User’s personal data is carried out by means of the operations indicated in Article 4, no. 2), GDPR – carried out with or without the aid of IT systems – and more precisely: collection, registration, organization, structuring, updating, storage, adaptation or modification, extraction and analysis, consultation, use, communication by transmission, comparison, interconnection , limitation, cancellation or destruction.
Recipients of personal data
For the aforementioned purposes, the personal data you provide may be made accessible: 1. to employees and collaborators of the Joint Controllers, in their capacity as persons authorized to process the data (or so-called “Data Processors”); 2. to judicial or supervisory authorities, administrations, public bodies and organizations (national and foreign) and professional associations; 3. to employees and collaborators of other Italian and foreign legal entities of the CC LLP Network exclusively in relation to maintenance activities of the CC LLP Websites as well as any suppliers / subcontractors appointed by them for the same purpose. Retention period CC LLP retains the User’s personal information within its systems for the period strictly necessary with respect to the various purposes for which it was collected or according to the terms of the law. CC LLP retains the contact information provided voluntarily by the Data Subject until the User requests their cancellation through the Contact us section of the CC LLP Websites. If the User requests removal from a mailing list, only the information useful to satisfy the request is kept. Transfer of personal data Since CC LLP is an international network made up of legal entities present throughout the world, the User’s personal information may be transferred outside the country in which it is collected for the purposes of maintaining the CC LLP Websites and storing data there. contents. Any transfer abroad, carried out for the aforementioned purposes, of data to non-EU countries takes place in compliance with the regulatory provisions in force, as well as in compliance with the provisions adopted by the European Court of Justice and by national and foreign Authorities regarding protection. of personal data. In any case, the foreign entities of the CC LLP Network will only be able to access the CC LLP Websites for maintenance purposes. Third party links Within the CC LLP websites, the User may find links to external third-party sites not belonging to, or managed by, CC LLP; the treatments performed through these sites (such as, by way of example, suppliers, social networks, business partners, universities, non-profit organizations, etc.) are not governed by the Information. If the interested party connects to third-party sites, the information will no longer be applicable and the provisions of the information provided by the owners of the third-party sites will apply. Personal Information Security The Joint Controllers have implemented suitable security measures applied globally by the Network CC LLP in order to protect information of a personal nature from loss, misuse, alteration or destruction. Users’ personal data collected through the CC LLP Websites can only be accessed by persons authorized and bound to CC LLP by specific confidentiality obligations. In any case, the logical and physical security of the systems used and the confidentiality of the personal data processed will be guaranteed, putting in place all the necessary technical and organizational measures to guarantee their security.
For more details, please consult the Cookie information section. Exercisable rights CC LLP guarantees the exercise of the rights of the interested parties pursuant to articles 15 and following of the GDPR. In accordance with the provisions of Chapter III, Section I, GDPR, the interested party may exercise the rights indicated therein and in particular:
- Right of access – Receive confirmation that the processing of personal data concerning the User is in progress and, in this case, obtain information relating, in particular, to: purpose of the processing, categories of personal data processed, period of conservation, recipients to whom they can be communicated (article 15, GDPR);
- Right of rectification – Obtain, without undue delay, the rectification of inaccurate personal data concerning the interested party and the integration of incomplete ones (Article 16, GDPR); • Right to cancellation – Request, without undue delay, the cancellation of the data subject’s personal data, in the cases provided for by the GDPR (Article 17, GDPR);
- Right of limitation – To impose on the owners or joint owners indicated in the Information the limitation of the processing, in the hypotheses established by the GDPR (Article 18, GDPR);
- Right to portability – Receive in a structured format, commonly used and readable by an automatic device, the User’s personal data provided to the legal entities of the Italian CC LLP network indicated as owners or joint controllers in the Information, as well as obtain that the same are transmitted to another controller without hindrance, in the cases provided for by the GDPR (article 20, GDPR);
- Right to object – Oppose the processing of the User’s personal data, unless there are legitimate reasons for the legal entities of the Italian CC LLP network indicated as owners or joint controllers in the Information to continue processing (Article 21, GDPR);
- Right to lodge a complaint with the supervisory authority – Propose a complaint to the Guarantor Authority for the protection of personal data (Information and contact details on the website www.garanteprivacy.it).